Monday 26 September 2022
Home / none / Kyber Network offers bounty following $265K hack of decentralized exchange

Kyber Network offers bounty following $265K hack of decentralized exchange

KyberSwap, the decentralized exchange built on liquidity protocol Kyber Network, has offered a hacker 15% of the funds from a $265,000 exploit as a bug bounty.

In a Thursday blog post, Kyber Network said a hacker had used a frontend exploit to pilfer roughly $265,000 worth of user funds from KyberSwap. The protocol said it will compensate all users for any missing funds related to the exploit, and directly addressed the hacker to give them an opportunity to return the funds in exchange for “a conversation with our team” and 15% of what was taken — roughly $40,000.

“We know the addresses you own have received funds from central exchanges and we can track you down from there,” said Kyber Network. “We also know the addresses you own have OpenSea profiles and we can track you through the NFT communities or directly through OpenSea. As the doors of exchanges close upon you, you will not be able to cash out without revealing yourself.”

Kyber Network reported shutting down its frontend following the discovery of a “suspicious element” at 8:24 AM UTC on Sept. 1. The platform disabled its user interface and found “a malicious code” in its Google Tag Manager, which targeted “whale wallets with large amounts,” giving the hacker the ability to transfer funds to different addresses. According to Kyber Network co-founder Loi Luu, this was the first hack on the protocol in five years.

“The attack was identified and put a stop to after 2 hours of investigations,” said Kyber Network. “This attack was an FE exploit and there is no smart contract vulnerability.”

Related: DeFi isn’t dead, it just needs to fix these 3 critical problems

Hackers have used exploits to execute attacks on many decentralized finance protocols, including $100 million being removed from the Horizon Bridge in June and draining $200 million worth of crypto from the Nomad token bridge in August. Cointelegraph reported on Aug. 11 that the overwhelming majority of attackers responsible for the Nomad bridge hack copied the original exploit, directing funds to addresses they chose.

Original Article

About Jude Savage

Check Also

Reversible transactions could mitigate crypto theft — Researchers

Stanford University researchers have come up with a prototype for “reversible transactions” on Ethereum, arguing it could be a solution to reduce the impact of crypto theft. In a Sept. 25 tweet, Stanford University blockchain researcher Kaili Wang shared a run down of the Ethereum-based reversible token idea, noting that at this stage it is not a finished concept but more of a “proposal to provoke discussion and even better solutions from the blockchain community,” noting: “The major hacks we've seen are undeniably thefts with strong evidence. If there was a way to reverse those thefts under such circumstances, our ecosystem would be much safer. Our proposal allows reversals only if approved by a decentralized quorum of judges.”The proposal was put together by blockchain researchers from Stanford, including Wang, Dan Boneh, Qinchen Wang, and it outlines “opt-in token standards that are siblings to ERC-20 and ERC-721” dubbed ERC-20R and ERC-721R. However, Wang clarified that th..

Leave a Reply

Your email address will not be published. Required fields are marked *